This is EXACTLY what I had to do. I was at the mercy of a poorly designed system and had to use this type of thing as a kind of hack. The trigger is an AFTER CREATE trigger and submits an execute of a procedure through DBMS_JOB (obviously this was 9i), with a sysdate+1/64800 delay.

The GRANT can be locked out due to developer code performing other statements immediately after creating the table, so in my procedure I try up to 10 times (1 second waits inbetween) before giving up on the requested grant.

you cannot grant directly out of the trigger, but you could submit a job that does
this for you. Set the interval to null and the job will disappear after execution.
but take care, trigger should not fire to often as this might fill up the job queue
intolerably.

From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Scott Canaan
Sent: Thursday, February 19, 2009 10:21 PM
To: oracle-l_at_freelists.org
Subject: Trigger Question
I have a question on how to grant select access to a table as part of the table create process, inside the database. I was hoping to use a system trigger (after create on schema). In testing, I created the following trigger and stored procedure:

SQL>
The request is to have all tables (and views) owned by one user to be readable by another user, but not by giving "select any table" to the other user. I granted all of the existing tables and views, but want to automatically be able to grant future ones as they are created. It seems like there should be a way to do this and it shouldn't be too hard, without relying on the developers to remember to put the grants in their code. I can't believe I'm the first one to have this issue.

We are using Oracle 10.2.0.4.

Thank you,

Scott Canaan '88 (Scott.Canaan_at_rit.edu)
(585) 475-7886
"Life is like a sewer, what you get out of it depends on what you put into it." - Tom Lehrer.
The information contained in this communication is confidential, is
intended only for the use of the recipient named above, and may be legally
privileged.

If the reader of this message is not the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited.

If you have received this communication in error, please resend this
communication to the sender and delete the original message or any copy
of it from your computer system.